John Gruber nails Mac Virus FUDmasters to the wall

People who claim that Macs are just as susceptible to viruses as Windows make me furious. The most common excuse for explaining away the lack of Mac viruses is that no one would bother to write a virus for a Mac because it’s not worth their trouble. It should take about one tenth of one millisecond to see how ridiculous this argument is, but people with motivated reasoning come up with all sorts of rationalizations to make it work. I usually try to combat these people with logic, which is, of course, hopeless since they’ve already suspended the use of logic. People like the Macalope probably have the right idea. They don’t argue with these fools, they just mock them.

In today’s Daring Fireball, John Gruber came up with one of the most persuasive anti-FUD arguments I’ve ever seen. It’s entitled “Wolf!” If you haven’t seen it, you should. You can find it here:

ZDNet, PCWorld with an assist from McAfee, The Inquirer (the British site), Business Week, The Times (another British one... there may be multiple sites with similar names), GNT (who?), Infoworld, Wired, TechRepublic, CNN, CNet, Silicon, MIT Technology Review.

With Apple’s announcement Monday that it shipped 1.12 million iPhones in the three months after its launch, the gadget’s apparent popularity rivals some PCs. That has security experts warning of trouble, following revelations that Apple built the iPhone’s firmware on the same flawed security model that took rival Microsoft a decade to eliminate from Windows.

“It really is an example of ‘those who don’t learn from history are condemned to repeat it’,” says Dan Geer, vice president and chief scientist at security firm Verdasys.

Where were the warnings after the first million Android phones were sold? Aside from a burst of articles when Google removed malware apps, you haven’t seen any follow-up on that very real problem. Did the hackers all of a sudden give up on trying to attack the tens of millions of Android phones out there? What about the non-Google app stores?

The installed base of Mac users has long since passed the number that would make it attractive to hackers, especially since Mac users tend to be in the mid to upper income brackets. Besides, there are always hackers that will hack for fame rather than fortune.

This anti-malware (Mac Defender, MacProtector, etc.) Trojan horse is not a virus, but it is something the Mac community needs to address. There are millions of new Mac users each year, many of whom are not computer savvy and, therefore, susceptible to this type of trickery.

Although it is definitely FUD to equate this with the much more widespread and virulent Windows malware, it might be better to respond to the FUD with clear explanations to educate the ignorant (lacking knowledge) in addition to castigating the FUDsters.

If you want to call this FUD, or call me ignorant, go ahead. I’m telling you that it’s real, it’s clever and it’s a problem.

Trojans are a problem, Redge, but they are unrelated to the Operating System. That’s the FUD part. Trojans trick a user into giving the thief their administrative password. It’s like having a con man convince you to give him your house key. No security system in the world can protect you from that.

Trojans cannot be stopped by an operating system…

...UNLESS the user lives in a closed loop such as the iPhone/iPad and App Store. It’s like living in a gated community where you don’t have keys. The doorman checks each and every entrant at the gate. I think Apple may be considering moving the Mac into that kind of closed system. That’s why I just started a thread entitled “Opinion: Apple is going to lock down the Mac”.

Conflating Trojans with Viruses does the end user a disservice. Suggesting that the Mac is as susceptible to viruses as a Windows PC is a downright lie and does the user a disservice. The way to stop Trojans is through consumer education, not disinformation and FUD.

Two days ago I went to a site that I visit fairly regularly called Stripers On-line, which is the main saltwater fishing forum for the New York/New Jersey area. The forum runs a personal message system, and right after the forum came up on my screen, a box popped up saying that I had a personal message, which didn’t surprise me at all. So I clicked it.

The next thing I knew, a screen popped up that was allegedly doing a virus check on my MacBook Air, and then a box popped up showing that some kind of malware programme was rapidly downloading to my computer.

I immediately turned my computer off, which appears to have stopped this in its tracks. I shut down the computer so fast that I can’t tell you what this thing was called - Mac Defender, Mac Protector, who knows.

The fact that the box saying that I had a personal message popped up just after logging onto a forum that has a personal message system is either an extraordinary coincidence or the delivery of this malware is very well disguised.

If you want to call this FUD, or call me ignorant, go ahead. I’m telling you that it’s real, it’s clever and it’s a problem.

I’ll second what Redge says. My wife’s MacBook Air got the Mac Defender Trojan, and it looks pretty real and might get a few folks. The key is it asks for your admin password and if you don’t install it, then no harm done. For folks wanting to check their systems, the open source ClamXav is a free choice. Another issue I ran into recently was the installation of a bot on my Windows Boot Camp partition. My sons use Windows 7 for gaming on Steam and such and they had inadvertently installed bot software. Got a security notice from Comcast, and when I did a malware scan on the Apple partition: zero malware. The Windows partition had 11 pieces of malware.

Conflating Trojans with Viruses does the end user a disservice. Suggesting that the Mac is as susceptible to viruses as a Windows PC is a downright lie and does the user a disservice. The way to stop Trojans is through consumer education, not disinformation and FUD.

Thanks, FalKirk. You said it much better than I.

A few of my cousins are new Mac users. I basically reminded them to use Firefox or Chrome instead of Safari. I also told them to never enter their admin password for any type of installation unless they initiated the installation. Finally, I told them to Quit the browser using Command-Q if they ever see a window popup like this:

The problem with crying Wolf! is that when the wolf shows up no one listens.
This trojan is real, and telling people that Macs are immune to viruses does no good for the average user. People need to use common sense but alas there is often little of that at the intersection of public and computers.

The difference as I see it is: education and additional, frequently updated, antivirus software are needed to keep a Windows PC safe, whereas on a Mac, education is needed to keep a Mac safe; the antivirus software is unnecessary.

...I also told them to never enter their admin password for any type of installation unless they initiated the installation.

That is the key question to ask yourself when you’re about to enter an admin password - “Who originated this whole thing?”. If it’s something that popped up on your screen, or something a friend sent you unsolicited, then just don’t enter that password; the whole thing is likely a scam (that has already taken in your friend). It’s basic hygiene, and it’s something you have to learn to be aware of (unless you’re using iOS!). And if you did originate it yourself, ask yourself if you trust the place where you got it from. If you aren’t sure, Googling a few key words from the pitch you’ve accepted will probably tell you if it’s a scam; you are very unlikely to be anywhere near the first to be affected. (Try googling “Mac defender” today and see what you get!).

This was explained to me years ago why it’s so difficult to write a virus to attack OS X. I have filed it away and dug it up to share here.
Apple has introduced many initiatives to prevent security issues. One of the most interesting is known as address space layout randomization (ASLR) which is more commonly known as memory randomization. ASLR is important because it makes one of the most common security issues, the buffer overflow, almost impossible to exploit.
To understand this, think of it this way. Imagine the memory of your computer like a map of your hometown. Some vandal wants to change some of the street names to mess with your map. In order for him to do that, he needs to know the exact longitude and latitude of those streets. It’s easy for him because he can buy a map of your hometown and get that same information.
The latest version of OS X chops that map up into little squares and randomly rearranges them, but is also smart enough to know how to continue reading the map unhindered by the confusing rearrangement. Nobody is able to buy a map arranged exactly like that so nobody can get the exact information they need to vandalize your map. It doesn’t mean they can’t. They just can’t quite zero in on exact targets anymore.
On top of that, OS X also offers tagged downloading of applications (a system that watches very closely what gets downloaded and run on your computer and alerts the user before it runs for the first time), stronger forms of built-in encryption, more robust firewall features that watch for malware-like activity and application sandboxing to prevent hackers from targeting program-specific vulnerabilities.
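
The memory randomization described in the post above can be observed from user space. The following is an added example, not part of the original thread: it starts fresh processes and compares where a shared-library function and a newly allocated buffer landed in each one. The names `sample_layout`, `summarize` and `CONSTRUCTED` are made up for this illustration, and `ctypes.CDLL(None)` assumes Linux or macOS.

```python
import subprocess
import sys

# Runs in a fresh interpreter each time: print where one shared-library
# function and one freshly allocated buffer ended up in that process.
CHILD = (
    "import ctypes\n"
    "libc = ctypes.CDLL(None)\n"  # handle to symbols already loaded (Linux/macOS)
    "buf = ctypes.create_string_buffer(64)\n"
    "print(ctypes.cast(libc.malloc, ctypes.c_void_p).value, ctypes.addressof(buf))\n"
)

def sample_layout():
    """Start a new process and return the addresses it reports."""
    out = subprocess.run([sys.executable, "-c", CHILD],
                         capture_output=True, text=True, check=True).stdout.split()
    return {"libc_malloc": int(out[0]), "buffer": int(out[1])}

def summarize(samples):
    """Per region: distinct addresses seen, and how many low bits never changed."""
    report = {}
    for region in samples[0]:
        addrs = [s[region] for s in samples]
        changed = 0
        for a in addrs:
            changed |= a ^ addrs[0]          # set every bit that differed in any run
        # Index of the lowest bit that ever changed = number of stable low bits.
        fixed_low = (changed & -changed).bit_length() - 1 if changed else None
        report[region] = {"distinct": len(set(addrs)),
                          "randomized": changed != 0,
                          "fixed_low_bits": fixed_low}
    return report

# Constructed sample (not measured): two runs in which the library moved by
# whole 4 KiB pages, so the low 12 bits of the function address are identical.
CONSTRUCTED = [{"libc_malloc": 0x7F1234560AA0}, {"libc_malloc": 0x7F9876541AA0}]

if __name__ == "__main__":
    live = [sample_layout() for _ in range(5)]
    for region, info in summarize(live).items():
        print(region, info)
```

With randomization active, each run reports a different address for the library function while its low bits stay the same, because a library is relocated as a whole by a multiple of the page size. A `distinct` count of 1 across runs means the layout was not randomized for that region.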

This trojan is real, and telling people that Macs are immune to viruses does no good for the average user.

I believe that telling people that Macs are significantly less susceptible than PCs to viruses, let alone suggesting that they are more or less immune, which is often how it comes across, promotes complacency, and that the debate is principally of interest to partisans in the Apple/Microsoft Holy War. The reality is that trojans exist, viruses exist and the rest is a pointless and unhelpful argument over which platform is better/worse.

On the contrary, there are no Mac viruses in the wild, and there are very real differences in design philosophy and basic architecture between OS X (Unix) and Windows. This is a major advantage and a major selling point. To ignore it is to say to Microsoft that “good enough” is OK with you.